Post on 17-Jan-2016

PROTECT THE KEYS TO EVERYTHING

Distributed Key Protection and Making Encryption Accessible

MULTIPARTY COMPUTATION (MPC) TECHNOLOGY

• DSM splits secret keys between 2 different servers
• Cryptographic operations take place without ever bringing the key together in memory or disk
• RSA, ECDH (ECIES), ECDSA, AES, HMAC, Password verification

THE KEY IS NEVER IN ANY SINGLE PLACE TO BE STOLEN

DISTRIBUTED KEY PROTECTION (DSM)

Random key split refresh: Attacker must obtain both parts simultaneously
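
The key split and refresh described on the two slides above, as an added example that is not Dyadic's code or protocol: it assumes a toy RSA key and plain additive sharing of the private exponent, with a hypothetical dealer splitting an imported key. The function names (split_key, partial_decrypt, combine, refresh) are illustrative.

```python
import secrets

# Toy RSA key, constructed for this example (these Mersenne primes are far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # full private exponent; exists only at the dealer (key import)

SLACK = 64  # extra random bits so that one share on its own statistically hides D


def split_key(d):
    """Dealer step: additive shares over the integers, d1 + d2 == d."""
    d1 = secrets.randbits(N.bit_length() + SLACK)
    return d1, d - d1


def partial_decrypt(ciphertext, share):
    """Run by ONE server on its own share; a negative share uses the modular inverse."""
    return pow(ciphertext, share, N)


def combine(part1, part2):
    """c^d1 * c^d2 = c^(d1 + d2) = c^d (mod N); no party ever held d."""
    return (part1 * part2) % N


def refresh(d1, d2):
    """Both servers apply the same fresh random r in opposite directions.
    The sum is unchanged, but a share from before no longer pairs with one from after."""
    r = secrets.randbits(N.bit_length() + SLACK)
    return d1 + r, d2 - r


def demo():
    message = 0x5EC2E7  # constructed plaintext
    c = pow(message, E, N)
    d1, d2 = split_key(D)
    ok_before = combine(partial_decrypt(c, d1), partial_decrypt(c, d2)) == message
    n1, n2 = refresh(d1, d2)
    ok_after = combine(partial_decrypt(c, n1), partial_decrypt(c, n2)) == message
    # Shares taken at different times (old share 1, new share 2) do not decrypt.
    mixed = combine(partial_decrypt(c, d1), partial_decrypt(c, n2)) == message
    return ok_before, ok_after, mixed
```

`demo()` shows why refresh forces an attacker to obtain both parts simultaneously: decryption works with a matching pair before and after the refresh, and fails when one share predates it.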

HIGH SECURITY WITH DYADIC

Viruses

Different admins on each server (mitigate insider threat and targeted credential theft)

Different operating systems (mitigate malware and zero days)

Different physical location (mitigate physical theft)

HSM vs DSM

HSMs
1. Expensive to deploy and maintain
2. Difficult to upgrade to support new algorithms
3. Not elastic; hard to scale up or scale down
4. Support only limited range of use-cases
5. Essential where regulator-mandated

Dyadic DSM – A virtual HSM
1. Easy to deploy and maintain
2. Easy to update and upgrade
3. Elastic and scalable
4. Supports wider range of use cases (e.g., cloud, endpoint)
5. Preferable where regulator doesn’t require HSM

DEPLOYMENT PROCEDURE

• Identify keys and credentials for protection
• Decide on DSM deployment configuration (admins, OSs, location, topology)
• Allocate DSM servers and install DSM software
• Install and configure DSM agents on relevant servers
• Import and/or generate keys

[Figure: Deployment. Labels: Web server, Database server and Application server, each with a DSM Agent; DSM.]

Integrations

• Core Distributed Crypto Pack
  o RSA decryption and signing
  o Elliptic Curve Cryptography
  o Innovative password protection solution
• Supported APIs
  o PKCS#11 – Fully integrated with PKCS#11 Applications (e.g., Tomcat, Oracle Database TDE)
  o Microsoft CNG – Fully integrated with Microsoft products using KSP (e.g., Microsoft CA, IIS TLS/SSL, IPsec)
  o OpenSSL engine – Fully integrated with Linux products using OpenSSL (e.g., TLS/SSL, SSH)
  o DSM SDK for .NET, Java, Python and PHP.
• Easy Deployment and Maintenance
  o Up and running in under 30 minutes
  o Comprehensive secured management system (disaster recovery, backup, import, elasticity)

Online Attacks Protection

• If an application server is hacked, the attacker can impersonate a legit application and use the DSM to decrypt.
• HOWEVER:
  o This is an online attack (versus offline attack) and thus the attacker has less time and a much greater risk of getting caught
  o The password protection and combined password/encryption solutions are immune
    o Password – DSM only answers YES/NO
    o Combined – Attacker must know correct password to decrypt (like application)
  o Decrypting a large DB this way takes a long time, which an attacker usually doesn’t have
  o All DSM access is audited; all decrypted records will be known, reducing attack impact
  o Built-in anomaly detection module which will block these kinds of attacks

Auditing and Monitoring

• DSM suite includes a web console for monitoring the DSM activity
• All activity management and usage is audited to a variety of configurable audit targets: DB, file, syslog, event-log, etc.
• DSM has a local audit log on each server and a combined audit log to allow tamper proof auditing
• DSM audit can be easily integrated with standard monitoring tools such as Splunk, logstash, etc.

PERFORMANCE

Dyadic DSM SSL Performance

• DSM is constructed from sets of independent pairs
• Performance of a single pair suffices for most enterprise applications
• Both scale up and scale out will have linear effect on performance

System        CPU count per machine   Password validation/sec   Decryption/sec (RSA 2048)
Small         1 X 2.1 GHz             200                       320
Medium        2 X 2.1 GHz             400                       650
Large         4 X 2.1 GHz             800                       1250
Extra large   8 X 2.1 GHz             1860                      3000

SOFTWARE DEFINED ENCRYPTION

SDE Workflow

• Load database schema
• Choose fields to encrypt
• Provide information on chosen fields
• Get wrapper code to use in applications

SDE Workflow – Setup Phase

SDE Workflow – Usage

SDE - Providing Information on Chosen Fields

SDE - Code Generation

After setting the required encryption, Dyadic generates wrapper code for easy integration. Use the generated code to call the encrypt/decrypt API before & after the SQL statements.

SDE – Security Levels (Making Customers Fully Aware)

Standard encryption is strong, semantically secure

To enable search by EQUALS, deterministic encryption is used; the key is different for each column

To enable search by EQUALS with JOIN, deterministic encryption is used with the same key throughout (weaker)

When items are unique, deterministic encryption is “fully secure” (so Very Strong again)
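
The deterministic-encryption levels above (per-column key for EQUALS, one shared key for JOIN, unique items), as an added example that is not SDE's generated wrapper code: it assumes a toy SIV-style cipher built from HMAC-SHA256 and constructed sample columns, and every name in it is illustrative.

```python
import hashlib
import hmac
from collections import Counter

MASTER = b"constructed-demo-master-key"  # assumption: in the page's design the DSM protects this

# Constructed sample data.
USERS = ["ann@example.com", "bob@example.com", "cy@example.com"]    # unique values
ORDERS = ["bob@example.com", "bob@example.com", "ann@example.com"]  # repeated values


def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _stream(key, siv, n):
    blocks = (_prf(key, b"ks" + siv + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def det_encrypt(key, value):
    """Toy deterministic cipher: the IV is a PRF of the plaintext, so equal inputs match."""
    pt = value.encode()
    siv = _prf(key, b"iv" + pt)[:16]
    return siv + bytes(a ^ b for a, b in zip(pt, _stream(key, siv, len(pt))))


def det_decrypt(key, ct):
    siv, body = ct[:16], ct[16:]
    return bytes(a ^ b for a, b in zip(body, _stream(key, siv, len(body)))).decode()


def column_key(column, shared):
    """EQUALS level: one key per column. EQUALS-with-JOIN level: the same key throughout."""
    return _prf(MASTER, b"shared" if shared else b"col:" + column.encode())


def encrypt_column(column, values, shared=False):
    key = column_key(column, shared)
    return [det_encrypt(key, v) for v in values]


def join_matches(shared):
    """Distinct ciphertexts two columns have in common, which an encrypted JOIN relies on."""
    users = encrypt_column("users.email", USERS, shared)
    orders = encrypt_column("orders.email", ORDERS, shared)
    return len(set(users) & set(orders))


def frequency_profile(ciphertexts):
    """Visible to anyone holding the ciphertext column, without any key: repeat counts."""
    return sorted(Counter(ciphertexts).values(), reverse=True)
```

With per-column keys the two columns share no ciphertexts, so nothing links them; with the shared key they do, which is what makes JOIN possible and the level weaker. The frequency profile is flat only for the column of unique values.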

Passwords are hashed and then encrypted under a strong key. They are verified (via MPC) without ever decrypting

Order-preserving encryption is very weak; this is made explicit (with a full explanation)

To enable JOIN with order-preserving encryption, the same key is used throughout (ultra weak)

SDE – Summary

• Many customers do not encrypt due to difficulty
• SDE makes encryption easy
• No expertise at all necessary
• SDE automatically generates best encryption method based on functional requirements
• All keys are protected by the DSM
• The result:
• No encryption knowledge needed
• No headache about where to store the key
• Minimal changes to database (types do not change)
• No one has a reason not to encrypt databases anymore

STRONG MOBILE AUTHENTICATION

THE PAYMENT SECURITY CHALLENGE

• Online transactions require strong authentication to prevent malicious activities
• Users are reluctant to use mechanisms that force them to change the way they work
• Cumbersome security mechanisms lead to missed business opportunities

ELIMINATE THE SECURITY VS. BUSINESS NEEDS CONFLICT

DISTRIBUTED MOBILE AUTHENTICATION

• Authentication and transaction signing by using a private key distributed between the mobile device and server(s) on premise
• Based on digital certificate, optional two factor authentication (device + PIN code)
• No single point of compromise
• Built in non-repudiation – server alone cannot perform operations
• Strong security, transparent to the user

Transaction Signing

[Figure: Transaction Signing. Labels: User A – Key Part a; Dyadic Server holding Key Part b for Users A, B, C, D, E ... N; Transaction Request; Signed Transaction; steps 1 to 3.]

Transaction Signing - Push

[Figure: Transaction Signing - Push. Labels: Laptop; User A – Key Part a; Dyadic Server holding Key Part b for Users A, B, C, D, E ... N; Transaction Request; Distributed Signing; steps 1 to 4.]

MOBILE AUTHENTICATION - SECURITY

• Protection from device loss, theft and counterfeiting/replication
• Secure mobile-based transaction approval
• Does not disrupt existing user flows
• Immediate signing key revocation upon a security incident
• No need for physical tokens/smartcards

MOBILE-BASED OTP

• Secure one-time-password (OTP) generation
• PKI-based, OTP is generated on mobile and signed jointly by mobile and by the Dyadic server
• Signing private-key is distributed between mobile device and a server on premise, eliminating single points of breach
• PKI-based means server breach does not lead to full compromise

Enhancing Existing OTP Using MPC

[Figure: Enhancing Existing OTP Using MPC. Labels: User A – Key Part a; Application Server; Dyadic, holding Key Part b for Users A, B, C, D, E ... N; Dyadic Aux; Existing Auth. Server; OTP; Verify OTP; steps 1 to 4.]

STRONG SECURITY

• Stolen device –
  o Server-side revocation immediately renders stolen-device useless
  o Optional PIN-code for two-factor authentication
• Malware on device – all transactions pass through Dyadic server, enabling auditing and anomaly detection
• Device cloning – key distribution is constantly refreshed. Refresh requests from different sources lead to immediate revocation

SUMMARY

THE DYADIC SOLUTION

PROVIDES EASY AND STRONG SECURITY IN VIRTUAL ONLY ENVIRONMENT

STRONG SECURITY
Secrets are transparently operational for all legitimate uses, but are inexistent for attackers

ENCRYPTION MADE EASY
Platform agnostic, used through configuration or through a simple API

EXTENSIVE PROTECTION
Single installation protects multiple use-cases

THANK YOU
